_______________________________________________
cap-talk mailing list
cap-...@mail.eros-os.org
http://www.eros-os.org/mailman/listinfo/cap-talk
I think one reason for lack of interoperability is the desire for lock-in by the vendors. Another is lack of standards.As far as privacy versus functionality, I believe 99+% of people will choose the latter without blinking an eye.
The security model does not need to be very complex and the HomePlug AV mechanisms ought to suffice.
When implemented with the simplistic model, the cost of supporting variation gets to be much more than the incremental hardware costs and you cannot evolve very quickly either.
* typically, the short distance networking protocols include application level concepts make combining networks difficult. Some have quite poor application level models (e.g. ZWave locks cannot tell whether a door is locked, so you need an extra channel to provide that information).
tc
> --
> Tony Arcieri
most devices used for IoT come with 32K of memory, do not run true
operating system, they run small programs that provide only the required
control/information functionality. Those devices have ethernet or wifi
links. How do you implement access control given that the device will
connect to a local server?
> All that said, as far as I can tell there really isn't anything to
> recommend so far that remotely resembles a real option in this space. The
> best I can recommend are half-baked research projects.
and on some devices the reflashing is via usb cable.I've seen software update is a process that needs the device powered off
It depends, if there is a full OS, it can do updates via remote link.
On Mon, Jan 18, 2016 at 11:59 AM, Valerio Bellizzomi <val...@selnet.org> wrote:and on some devices the reflashing is via usb cable.I've seen software update is a process that needs the device powered offI consider automatic software updates a baseline requirement for a secure system. If the device needs to be connected to some sort of tether cable and flashed by some 3rd party software utility the user needs to install, those upgrades aren't going to happen.
Not practical / wise for HW / small ioc . Yet to see a single mother board auto update - with good reason . HW normally works on no changes and if there are any changes there is normally a very length cycle before its released. This includes Flash /EEproms , not to mention that it some cases you can brick the device with some Eeproms if you do it to often.
--There are certainly many applications of hardware for which updates are a bad idea, or devices which are too small or constrained to support automatic updates. But you have to Venn Diagram that with the types of devices it's reasonably responsible to connect to the Internet and assign an IP address to.I would argue it's irresponsible to put any device on the Internet which is not capable of receiving software updates.Tony Arcieri
On 19/01/2016 5:07 pm, "Valerio Bellizzomi" <val...@selnet.org> wrote:
>
> well, it is secure as it is, because no one can reflash your device
> remotely, you have to do it by hand.
There are three vectors that need to be considered here, and for different products they each carry different risks. For example, security cameras that are outside your house should not be reflashable with physical access.
The other two vectors are the automatic update delivery mechanism, which is the most scary IMO, and the API the device exposes.